<?php require ('setcookie.html'); ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html lang="de">
<head>
    <title>Lingomoto - Passwort aendern - Sprachen lernen</title>
    <meta http-equiv="content-type" content="text/html; charset=utf-8" />
    <meta name="description" content="Lingomoto - Passwort aendern - Sprachen lernen" />
    <meta name="language" content="de" />
    <link href="style.css" type="text/css" rel="stylesheet" />
    <link rel="shortcut icon" type="image/x-icon" href="favicon.ico" />
</head>

<body id="account">
<?php
// read configuration
require ('konfiguration.html');
// read user-data
require ('nutzer.html');
// read header
$link = "passwort-aendern.html";
$langen = 'change-password.html';
$langes = 'cambiar-password.html';
$langru = 'passwort-aendern.html';
require ('kopf.html');
// <!-- horizontal column -->
echo '<div>';
require ('horizontal.html');
echo '</div>';
// <!-- Left Column -->
echo '<div id="left_col">';
require ('vertikal.html');
echo '</div>';

// <!-- Content -->
echo '<div id="content">';
echo '<div id="block5">';

// request for login
if ($_SESSION['logini']== false) {
    require_once ('loginformular.html'); 
}

// if new password, request for change of password
elseif ( $newpass == 1 )
{
$passwo = isset($_REQUEST['passwo']) ? $_REQUEST['passwo'] : '1';
$passwo1 = isset($_REQUEST['passwo1']) ? $_REQUEST['passwo1'] : '1';
$passwo2 = isset($_REQUEST['passwo2']) ? $_REQUEST['passwo2'] : '1';
$ok='';
require_once ('neues-passwort.html');
}
else 
{
// initialize variables
$password0 = isset($_REQUEST['password0']) ? $_REQUEST['password0'] : '1';
$password1 = isset($_REQUEST['password1']) ? $_REQUEST['password1'] : '1';
$password2 = isset($_REQUEST['password2']) ? $_REQUEST['password2'] : '1';
$ok='';

if ( $password0 == '1' ) 
{
    show_form();
}
else
{
    check_input();

    if ( $ok == '1' )
    { 
        change_password();
    }
    else
    {
        echo "<div class='message'>". $errors . "</div>";
        show_form();
    }
}}    


// ----------------------- Functions --------------------------------------------------------------------------------------------

function show_form() {

    global $email;

    echo '<form action="passwort-aendern.html" method="post" >';
    echo '<h2>Passwort &Auml;ndern</h2>';
    echo "<br />";
    echo '<div class="content_frame">';
    echo "Hier kannst Du Dein Passwort &auml;ndern:";
    echo "<br />";
    echo "<br />";
    echo '<ul>';
    echo '<li>Aktuelles Passwort:</li>';
    echo '<li><input type="password" name="password0" value="" size="25" maxlength="60" class="input" onClick=this.value="" /></li>';
    echo '<li>Neues Passwort:</li>';
    echo '<li><input type="password" name="password1" value="" size="25" maxlength="60" class="input" onClick=this.value="" /></li>';
    echo '<li>Neues Passwort best&auml;tigen:</li>';
    echo '<li><input type="password" name="password2" value="" size="25" maxlength="60" class="input" onClick=this.value="" /></li>';
    echo '<li><input type="image" src="bilder/buttons/senden.gif" name="email" alt="senden" title=" Senden " /></li>';
    echo '</ul>';
    echo '</div>';
    echo '</form>';

}

function change_password() {

    global $password1;
    $customerid = $_SESSION['customerid'];

    // convert password
    $password1 = md5($password1);

    // update
	$sql1 = " update customerdata set password ='$password1' where customerid = '$customerid'";

    $db_upd = mysql_query( $sql1 );
    if ( ! $db_upd ) { die('Error query: ' . mysql_error()); }
    echo '<h2>Passwort wurde ge&auml;ndert</h2>';
}

function check_input() {

    global $password0,$password1,$password2,$ok,$errors;
    $customerid = $_SESSION['customerid'];
    
    if ( $password0 == '' or $password1 == '' or $password2 == '' )
    { 
        $errors = "Bitte alle Felder ausf&uuml;llen.";
    }
    elseif ( $password1 <> $password2 )
    {
        $errors = "Die neuen Passw&ouml;rter stimmen nicht &uuml;berein! Bitte nochmal eingeben.";
    }
    elseif ( !eregi("^[a-zA-Z0-9_äöüÄÖÜñÁÓÚáàâéèêíìîóòôúùûабвгдеёжзийклмнопр стуфхцчшщъыьэюяАБВГДЕЁЖЗИ ЙКЛМНОП�*СТУФХЦЧШЩЪЫЬ�*ЮЯ]+$", $password1) or strlen(utf8_decode($password1)) < 4 )
    { 
        $errors = "Format des neuen Passworts nicht korrekt! Bitte Passwort l&auml;nger als 3 Zeichen und ohne Sonderzeichen w&auml;hlen."; 
    }
    else
    {
        // check, if already exists
	    $sql = " select password from customerdata where customerid = '$customerid'";
        $db_sel = mysql_query( $sql );
        if ( ! $db_sel ) { die('Error query 1: ' . mysql_error()); }

        // if password not correct
        while ($row = mysql_fetch_array( $db_sel, MYSQL_ASSOC))
        {
		if ( $row['password'] <> md5($password0) )
			{ $errors = "Aktuelles Passwort nicht korrekt! Bitte nochmal eingeben."; }
			else
			{
			$ok = '1';
			}
        }
    }        
}


echo '</div>';
echo '</div>';
echo '<div id="adverts">';
echo '<div id="adbox"></div>';
echo '</div>';
    

require ('fuss.html');
?>

</body>
</html>